How to . . . protect your passwords

Any password that can easily be guessed should be dismissed immediately

Most online services will force you to have a password that is a mix of numbers and letters.

We rely heavily on online services these days – or at least many of us do. From email and social networking to online banking, we trust that the passwords we create will keep prying eyes out and our details safe. But how can you make sure no one else gets hold of your confidential login details?

Be sensible

Don’t reuse the same password and email login combo on numerous sites. If your details for one site are compromised, the rest of your services are at risk. Steer clear of obvious passwords, such as your date of birth, your child’s name and so on. Anything that is easily guessed should be immediately dismissed.

Use alphanumeric passwords

If you use a simple four digit codes or the bare minimum for passwords using all lower-case letters, you are putting your information at risk. The longer and more complex your password is, the harder it is to guess. You could use a sentence or phrase as a password, and swap some letters out for numbers, add a capital letter and a symbol. Most online services will force you to have a password that is a mix of numbers and letters; others take it a step further and insist on a capital letter or two, or possibly a symbol.

Should you let your browser save your passwords?

It’s tempting. When that little box pops up to prompt you to save your passwords in the browser, the idea that you can not only save them but sync them across all your devices when you are signed in can seem like the answer to all your problems. But think twice before you click Yes. Although passwords are generally encrypted, it doesn’t mean they are completely safe. Last year, Opera was the victim of a successful hack that saw some of its user details stolen – including some sync information.

Use a password manager

If you are following best practice on password security, you’ll choose a password that is a randomly generated sequence of numbers, letters and symbols. Unfortunately, these are seldom easy to remember.

So what’s the alternative? Writing them down and keeping a hard copy may not be practical for most users, so perhaps looking at a password manager might be the best approach. These are standalone apps and software that will not only save your passwords securely but also help you generate stronger login credentials. They’re protected with a master password, meaning you only need to generate and remember one strong password to access everything.

There is the caveat that you are now entrusting the security of your accounts to a single service; make sure you have a strong master password and keep an eye on security updates. Here are a few suggestions:

LastPass:

A free service for those using it on smartphones, LastPass is a password manager that allows you to store and save all your credentials for sites such as Facebook and Twitter, and will also randomly generate passwords for you on request. Once you have logged into your LastPass app, you can also open sites within the app, so you could access your Facebook page, for example. There are some free elements – the app on your iPhone, for example – but others require you to sign up and pay.

1Password:

1Password gives you the option of where you store your passwords: offline, your local network or online through syncing with Dropbox or iCloud. It’s encrypted end to end, so your data is protected. There’s a 14-day trial, after which you’ll have to cough up to use the service.

Dashlane:

Dashlane can be synced across all your devices, but you have to approve each one. That adds an extra layer of security to your account, which is handy if you plan on using the digital wallet that the service also offers. You can store everything from your email password to your credit card number in Dashlane, and it’s all encrypted to keep everything secure.

We reserve the right to remove any content at any time from this Community, including without limitation if it violates the Community Standards. We ask that you report content that you in good faith believe violates the above rules by clicking the Flag link next to the offending comment or by filling out this form. New comments are only accepted for 3 days from the date of publication.